From 9642f843425d41b60d48ed580ac80a73580ae9e4 Mon Sep 17 00:00:00 2001
From: liapples
Date: Tue, 24 Aug 2021 00:31:27 +0800
Subject: [PATCH] =?UTF-8?q?=E8=AE=A2=E5=8D=95=E5=88=97=E8=A1=A8=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E5=BD=93=E5=89=8D=E4=BE=9B=E5=BA=94=E5=95=86=E5=88=A4?= =?UTF-8?q?=E6=96=AD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/AdminSupplier/Controllers/OrderController.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/app/AdminSupplier/Controllers/OrderController.php b/app/AdminSupplier/Controllers/OrderController.php
index 97fb12d..0d0aa8b 100644
--- a/app/AdminSupplier/Controllers/OrderController.php
+++ b/app/AdminSupplier/Controllers/OrderController.php
@@ -32,7 +32,9 @@ class OrderController extends AdminController
 $grid->disableDeleteButton();
 $grid->disableEditButton();
- //TODO 筛选当前供应商
+ $grid->model()->where(function ($query) {
+ return $query->whereHas('product', fn($q) => $q->where('supplier_id', Admin::user()->id));
+ });
 $grid->column('id')->sortable();
 $grid->column('agent.name', '代理商');
@@ -125,6 +127,11 @@ class OrderController extends AdminController
 protected function form()
 {
 return Form::make(new Order(), function (Form $form) {
+ //不允许查看非自己的数据
+ if ($form->isEditing() && $form->model()->supplier_id != Admin::user()->id) {
+ return $form->response()->error('数据不存在');
+ }
+ $form->disableDeleteButton();
 $form->disableFooter();
 $form->disableHeader();
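Review bot: The supplier restriction added in the first hunk lives only in the grid query, so it limits what the list shows but not which records the other resource routes will load. `disableDeleteButton()` and `disableEditButton()` only hide the buttons, and the hunk does not show whether the detail, update and destroy routes of this controller stay reachable. If they do, the same ownership condition should be enforced wherever a single order is loaded, preferably through one shared scope on the model instead of a copy per screen. The outer `where(function ($query) { ... })` wrapper adds nothing around a single condition; `$grid->model()->whereHas('product', fn ($q) => $q->where('supplier_id', Admin::user()->id));` should be equivalent, assuming the grid model forwards `whereHas` the way it forwards `where`. The enclosing grid method starts and ends outside the hunk.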
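Review bot: The ownership check added in `form()` reads `$form->model()->supplier_id`, an attribute of the order itself, while the grid hunk decides ownership through `product.supplier_id`. If `Order` has no `supplier_id` attribute the left side is always null and every edit is refused, and if it has one the two screens can disagree. The check also sits directly in the `Form::make` builder closure, where the record may not be loaded yet and the closure's return value may be ignored, so `return $form->response()->error(...)` might not stop the request. This needs confirming against the admin framework, and for writes the check likely belongs in a form event callback such as `$form->saving(...)`. The comparison should be strict after casting both sides, `(int) ... !== (int) Admin::user()->id`, and the comment says "view" although the condition only covers `isEditing()`; the closure continues past the end of the hunk.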